Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-31296: Online Discussion Forum Site in PHP/OOP Free Source Code

Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.

CVE
Open in Source
#sql#vulnerability#web#apache#java#php

Submitted by oretnom23 on Monday, May 16, 2022 - 15:15.

****Introduction****

This simple project is entitled Online Discussion Forum Site. This is a web-based application project developed in PHP and MySQL Database. This simple project’s main goal is to provide an online platform for an organization where they can discuss any topic that is related to the site or organization. The site allows users to post any topic under a certain topic category. Users can post comments on each posted published topic. The system user interface was developed with Bootstrap Framework and AdminLTE Framework. It also consists of user-friendly features and functionalities.

****About the Online Discussion Forum Site****

I developed this project using the following:

  • XAMPP v3.3.0
  • PHP
  • MySQL Database
  • HTML
  • CSS
  • JavaScript
  • Ajax
  • jQuery
  • Bootstrap
  • Font Awesome
  • AdminLTE

This Online Discussion Forum Site is accessible to anyone and site management. As I mentioned at beginning of this article, the project allows users to post or published certain topics. Each published topic is visible to the public and registered users. The system requires the users to register and log in with their credentials to gain access to posting topics and comments. This project also contains an Admin Panel Site where the site management can manage all the data on the system. This side of the project requires an administrator user credential to gain access to the features and functionalities. On this site, the management can overwrite, and delete users’ posts and comments. The admin users also can create a new topic on this site. The Admin Users are the ones who are in charge of populating the topic category list. They can also update the system name, logo, etc.

****Features******User-Side**

  • Login and Registration
  • Home Page
    • Display the Carousel
    • List All Published Topics
    • Search Published Topics
  • Topic Categories Page
    • Lists All the Active Topic Categories
    • Search Category
    • Shows the Topic Category Description
  • Add Post Page
  • My Post Page
    • List All the user Create Topics (Published/Unpublished)
    • Search Created Topic
  • Edit or Update Posted Topic
  • Comment Section
  • Delete Posted Topics
  • Delete Posted Comments
  • Update Account Details/Credentials
  • Logout

Admin-Side

  • Home Page
    • Display the summary and images.
  • Category Management
    • Add new Category
    • List All Categories
    • View Category Details
    • Edit/Update Category Details
    • Delete Category
  • Post Management
    • Create New Post
    • List All Posts
    • View Post Details
    • Edit/Update Post Details
    • Comment Section
    • Delete Comments
    • Delete Post
  • User Management
    • Add New User
    • List All Users
    • View User Details
    • Edit User Details
    • Delete User Details
  • Update System Information
  • Update Account Details/Credentials
  • Login and Logout

The source code was developed only for educational purposes only. You can download the source code for free and modify it the way you wanted.

**System Snapshots of some Features******User Registration Page****

****Home Page****

****Topic Categories Page****

****Post List Page****

****Post Form Page****

****Post Details****

****Post’s Comment Section****

****Admin Dashboard Page****

How to Run ??

****Requirements****

  • Download and Install any local web server such as XAMPP.
  • Download the provided source code zip file. (download button is located below)

****System Installation/Setup****

  1. Enable the GD Library in your php.ini file.
  2. Open your XAMPP Control Panel and start ****Apache**** and ****MySQL****.
  3. Extract the downloaded source code zip file.
  4. Copy the extracted source code folder and paste it into the XAMPP’s “htdocs” directory.
  5. Browse the ****PHPMyAdmin**** in a browser. i.e. ****http://localhost/phpmyadmin****
  6. Create a new database naming ****odfs_db****.
  7. Import the provided ****SQL**** file. The file is known as ****odfs_db.sql**** located inside the database folder.
  8. Browse the Online Discussion Forum Site in a browser. i.e. ****http://localhost/odfs/****.

****Admin Default Access:****

Username: admin
Password: admin123

****Sample User Access:****

Username: mcooper
Password: mcooper123

****DEMO VIDEO****

That’s it. You can now explore the features and functionalities of this Online Discussion Forum Site in PHP. I hope this will help you with what you are looking for and you’ll find something useful for your future projects.

Explore more on this website for more Free Source Codes and Tutorials.

Enjoy :)

  • 1378 views

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE